Highlighted
Absent Member.
Absent Member.
1757 views

LDAP Import cannot create users

Hi All

We are using the latest version of the iPrint appliance syncing to our Edirectory. I have 93 users that are in our edirectory that it will not import. There are 212 users in the container but it only syncs 129 of them. All have a uid attribute in edirectory. I manually created the accounts using iManager in the iPrint tree and the next time the LDAP sync ran it deleted them all. This has really got me stumped if anyone has any idea where I can start to troubleshoot this one it would be much appreciated.

Thanks

Graeme
Tags (2)
0 Likes
6 Replies
Highlighted
Absent Member.
Absent Member.

Re: LDAP Import cannot create users

On 03/20/2015 12:26 AM, gmurphybc wrote:
>
> Hi All
>
> We are using the latest version of the iPrint appliance



What version is that?

syncing to our
> Edirectory. I have 93 users that are in our edirectory that it will not
> import. There are 212 users in the container but it only syncs 129 of
> them. All have a uid attribute in edirectory.




ipmigrate.log shows any errors


I manually created the
> accounts using iManager in the iPrint tree and the next time the LDAP
> sync ran it deleted them all. This has really got me stumped


working as design. it is in the docs. if you manually create the user on
the ldap sync container, it will be deleted next time ldap syn is run.

0 Likes
Highlighted
Knowledge Partner
Knowledge Partner

Re: LDAP Import cannot create users

On Thu, 19 Mar 2015 23:26:01 GMT, gmurphybc
<gmurphybc@no-mx.forums.novell.com> wrote:

>
>Hi All
>
>We are using the latest version of the iPrint appliance syncing to our
>Edirectory. I have 93 users that are in our edirectory that it will not
>import. There are 212 users in the container but it only syncs 129 of
>them. All have a uid attribute in edirectory. I manually created the
>accounts using iManager in the iPrint tree and the next time the LDAP
>sync ran it deleted them all. This has really got me stumped if anyone
>has any idea where I can start to troubleshoot this one it would be much
>appreciated.
>
>Thanks
>
>Graeme


This is a definite longshot...but I'll mention it on the off chance
that it might help. I had a similar LDAP import problem with the Filr
appliance (only a percentage of users getting imported). After
working with it for quite some time I finally just rebooted the
appliance and suddenly all my users were there. So just in case the
iPrint appliance and the Filr appliance share the same LDAP code, you
might want to try a reboot if you haven't already.

Ken
--
Ken
Knowledge Partner

Create and vote for enhancements!
Idea Exchange sites within this community are now coming online for some of the Collaboration Products!
GroupWise Idea Exchange - https://community.microfocus.com/t5/GroupWise-Idea-Exchange/idb-p/GWideas
SMG Idea Exchange - https://community.microfocus.com/t5/Secure-Messaging-Gateway-Idea/idb-p/SMG_Ideas
Old method is still available for some products here: https://www.microfocus.com/products/enhancement-request.html
0 Likes
Highlighted
Absent Member.
Absent Member.

Re: LDAP Import cannot create users

Hi All

Thanks for your replies. I tried the reboot but unfortunately this did not help. I even did a resync after the reboot but no luck. Something very strange in the ipmigrate.log. There are no entries in the log for the missing users. I pointed the sync to another ldap server to make sure it was not the LDAP source but the same result. I then have tested the ldap sources with an LDAP browser and it displays all the missing users. Our iPrint version is 1.1.0.407.

If you can think of anything else to try it would be much appreciated.

Thanks

Graeme
0 Likes
Highlighted
Absent Member.
Absent Member.

Re: LDAP Import cannot create users

On 03/23/2015 01:06 AM, gmurphybc wrote:
>
> Hi All
>
> Thanks for your replies. I tried the reboot but unfortunately this did
> not help. I even did a resync after the reboot but no luck. Something
> very strange in the ipmigrate.log. There are no entries in the log for
> the missing users. I pointed the sync to another ldap server to make
> sure it was not the LDAP source but the same result. I then have tested
> the ldap sources with an LDAP browser and it displays all the missing
> users. Our iPrint version is 1.1.0.407.
>
> If you can think of anything else to try it would be much appreciated.
>
> Thanks
>
> Graeme
>
>


1. Configure the ldap in plain text and take a lan trace while importing
users. Check if missing users are there

2. Check /opt/novell/filr/apache-tomcat/logs/catalina.out to see if
missing users have been imported into mysql database.

3. I assume you're using the default ldap filter to import the users. It
maybe be that missing users do not have uniqueid or have been created
with an utility that do not set this attribute.

4. Check var/opt/novell/tomcat-filr/logs/ssf.log if any errors are
reported during import

There is new code for the ldap import that fixes some issue still
present on released code. It will be released with the upcoming sp1 for
appliance 1.1. If you do not can wait, open a sr and ask for the
internal fix.
0 Likes
Highlighted
Absent Member.
Absent Member.

Re: LDAP Import cannot create users

Thanks for all the assistance. The missing users were in the trace but not mentioned in any of the log files. They all do have a uniqueid attribute. After some more checking around there must be something not right in the mysql database. You can move the users to any container and back again and it still will not create them. If you rename a user it then creates them under the new name but will not rename the new user when you change the name back in our source edir.

I am going to raise an SR and can let you know what they found the issue to be. Thanks again for all your help to try and sort this one out.

Graeme
0 Likes
Highlighted
Absent Member.
Absent Member.

Re: LDAP Import cannot create users

On 03/24/2015 03:36 AM, gmurphybc wrote:
>
> Thanks for all the assistance. The missing users were in the trace but
> not mentioned in any of the log files. They all do have a uniqueid
> attribute. After some more checking around there must be something not
> right in the mysql database. You can move the users to any container and
> back again and it still will not create them. If you rename a user it
> then creates them under the new name but will not rename the new user
> when you change the name back in our source edir.



This is a known issue and there is a fix in progress

> I am going to raise an SR and can let you know what they found the issue
> to be. Thanks again for all your help to try and sort this one out.
>
> Graeme
>
>


The new ldap code that it will shipped with sp1, has included the
functionality that if ldap source is deleted on the ldap configuration
page, all users will be deleted from appliance edir and mysql database.
Then a new configuration of the ldap import will import all users onto a
clean mysql database. It looks like there is an issue with the database
and without the new code, it can no be cleaned out.
0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.